Return to book
Review this book
About the author
Introduction
1. Access Control
2. Authentication
3. Biometrics
4. Crypto Engineering
- 4.1. Software Crypto
- 4.2. Hardware Crypto
5. Malware
- 5.1. Virus
- 5.2. Worm
- 5.3. Trojan Horse
- 5.4. Writing Virus
- 5.5. Rootkits
- 5.6. Anti-virus software
- 5.7. Inside popular software
6. Protecting Clients
7. Security and Usability
- 7.1. User Interface (UI)
- 7.2. Passwords
- 7.3. Cognitive Experiment
- 7.4. Insider Attacks
8. Secure Programming
- 8.1. Buffer overflow
  - 8.1.1. Buffer Overflow Protections
  - 8.1.2. Exploit Buffer Overflow
- 8.2. Secure C practice
- 8.3. secure-sensitive program
9. Physical Security
10. (Web Service) Architecture
- 10.1. Contents and Scripts
11. Confinements
- 11.1. chroot
- 11.2. JVM
- 11.3. Network Identity
- 11.4. Virtual Machine
- 11.5. Sandbox
12. Program Structure
- 12.1. Case study: 4.3BSD FTP Daemon
- 12.2. Case study: mailer
- 12.3. Case study: Web Browser
13. Security Analysis
- 13.1. Construction vs. Destruction
- 13.2. Analyze individual programs
- 13.3. Analyze overall system
- 13.4. Software Engineering Code of Ethics
- 13.5. Tools part 1: OS system calls
- 13.6. Tools part 2: fuzzing and more
- 13.7. Reconnaissance
14. The Internet of Things
- 14.1. Embedded Systems (Smart Devices)
- 14.2. Internet of Things Architecture
- 14.3. Case study: Thermostat
15. Logging
- 15.1. Loggin in practice
- 15.2. Log Incidents
- 15.3. Case study: PHP4 web server attack
16. After An Attack
- 16.1. Analyze a hacked system
- 16.2. Deleted Files
- 16.3. Monitor Intrusion
- 16.4. Conclusion
17. System Structure
- 17.1. Case study: build an e-commerce
- 17.2. Network Operation Center
- 17.3. Router Link Weakness
- 17.4. Remote Access
- 17.5. Question: store credit card number in database?
- 17.6. General Principle
18. Exams
- 18.1. Fall 2014 Midterm
- 18.2. Fall 2013 Midterm
- 18.3. Fall 2010 Midterm
- 18.4. Fall 2008 Midterm

Security Architecture and Engineering

Virtual Machine (VM)

Give the application an entire isolated “machine”, down to the (virtual) bare silicon
Run an entire operating system on this
Run the untrusted application on that OS
It can be very safe

How VMs work

Recall the hardware access control mechanisms: privileged operations and memory protection
Run the guest operating system unprivileged
Any time the guest OS issues a privileged operation, it traps to the virtual machine monitor (VMM)
The VMM emulates the operation. For example, an attempt at disk I/O is mapped to I/O to a real file that represents the virtual disk

VM Security

Very strong isolation
Very high overhead. . .
- Must set up and administer an entire OS
- Guest copies of Microsoft Windows require just as many patches as do native copies
Performance can be bad, though some hardware architectures have special instructions to improve VM performance.

Interacting with a VM

Often don’t want perfect isolation.
Example: cut-and-paste between windows
Performance can be dramatically enhanced if the guest OS signals the VMM
Example: add a virtual “graphics” driver that calls the VMM, via the equivalent of a system call

Limitations of Virtual Machines

Would you let your enemy put a machine inside your data center?
VMs can spread viruses, launch DoS attacks, etc.
VMs require just as much care, administration, and monitoring as do real machines
In many situations, they represent an economic mechanism rather than a security mechanism (Save on power, cooling, etc.)
But — may be less painful when wiping the disk and starting over